mirror of
https://github.com/containers/bootc.git
synced 2026-02-05 06:45:13 +01:00
72f1f2720d
Add a new `bootc container compute-composefs-digest` command that computes the bootable composefs digest directly from a filesystem directory path, defaulting to `/target`. This enables computing digests in container environments without requiring access to container storage or a booted host system. The existing container-storage-based behavior is preserved and renamed to `compute-composefs-digest-from-storage` (hidden). The `hack/compute-composefs-digest` script is updated to use the renamed command. The core digest computation logic is extracted into a new `bootc_composefs::digest` module with: - `new_temp_composefs_repo()` helper for DRY temp repository creation - `compute_composefs_digest()` function with "/" path rejection Unit tests and an integration test verify the command works correctly, producing valid SHA-512 hex digests with consistent results across multiple invocations. Exact digest values are not asserted due to environmental variations (SELinux labels, timestamps, etc.). Closes: https://github.com/bootc-dev/bootc/issues/1862 Assisted-by: OpenCode (Claude Opus 4.5) Signed-off-by: John Eckersberg <jeckersb@redhat.com>
12 lines
624 B
Bash
Executable File
12 lines
624 B
Bash
Executable File
#!/bin/bash
|
|
set -euo pipefail
|
|
# This just runs `bootc container compute-composefs-digest` in a provided container image
|
|
image=$1
|
|
shift
|
|
# Find the container storage
|
|
graphroot=$(podman system info -f '{{.Store.GraphRoot}}')
|
|
# --pull=never because we don't want to pollute the output with progress and most use cases
|
|
# for this really should be operating on pre-pulled images.
|
|
exec podman run --pull=never --quiet --rm --privileged --read-only --security-opt=label=disable -v /sys:/sys:ro --net=none \
|
|
-v ${graphroot}:/run/host-container-storage:ro --tmpfs /var "$image" bootc container compute-composefs-digest-from-storage
|